recommendations for a radically secure isa
play

Recommendations for a radically secure ISA Mathieu Escouteloup 1 - PowerPoint PPT Presentation

Oct 12, 2023 •241 likes •476 views

Recommendations for a radically secure ISA Mathieu Escouteloup 1 Jacques Fournier 2 Jean-Louis Lanet 1 Ronan Lashermes 1 1 INRIA 2 CEA Leti May 30th, 2020 CARRV Radically secure ISA May 30th, 2020 1 / 22 Introduction The problem 1 1 Icon

  1. Recommendations for a radically secure ISA Mathieu Escouteloup 1 Jacques Fournier 2 Jean-Louis Lanet 1 Ronan Lashermes 1 1 INRIA 2 CEA Leti May 30th, 2020 CARRV Radically secure ISA May 30th, 2020 1 / 22

  2. Introduction The problem 1 1 Icon made by Freepik from www.flaticon.com Radically secure ISA May 30th, 2020 2 / 22

  3. Introduction The problem Radically secure ISA May 30th, 2020 3 / 22

  4. Introduction Content Confidential registers 1 Stricter control flows 2 Hardware security contexts 3 Wrap-up 4 Radically secure ISA May 30th, 2020 4 / 22

  5. Confidential registers Table of contents Confidential registers 1 Stricter control flows 2 Hardware security contexts 3 Wrap-up 4 Radically secure ISA May 30th, 2020 5 / 22

  6. Confidential registers Ensuring confidentiality at the ISA level Writing programs handling confidential data is hard As a developer, we must prevent any timing dependency on the confidential data. Compilers are not our friends. Timing dependency is not the only possible leakage depending on the context (power consumption, EM radiation, . . . ). There is no way for the developer to tell the machine: “Take care, this value must be kept confidential !” . This issue should be addressed by the ISA Radically secure ISA May 30th, 2020 6 / 22

  7. Confidential registers Confidential registers Recommendation 1 Confidential registers Tag some registers ( e.g. x8 to x15 ) as confidential, with the following semantic consequences. It is not possible to branch depending on a confidential register. Instructions are authorized only if their timing is not data dependant (integer multiplication and division in particular may be forbidden depending on their hardware implementation). They cannot be used as the source address in load and store instructions. Any violation of these rules should raise a hardware security fault. Radically secure ISA May 30th, 2020 7 / 22

  8. Confidential registers Consequences of confidential registers Implementation liberty Depending on the security profile, these registers can be hardened: the values are masked to avoid power consumption leakage, the micro-architecture uses hardened execution units. . . Confidentiality boundary Confidential registers enable compilers to map confidential variables to confidential registers with a guarantee that the hardware won’t mess things up. In particular, the confidentiality boundaries, when a confidential data is made public, become trivial to detect. Radically secure ISA May 30th, 2020 8 / 22

  9. Stricter control flows Table of contents Confidential registers 1 Stricter control flows 2 Hardware security contexts 3 Wrap-up 4 Radically secure ISA May 30th, 2020 9 / 22

  10. Stricter control flows Control flow integrity Abusing the control flow The ability to abuse the control flow while keeping static integrity is a well-known threat from return-oriented programming (ROP) and its variants. Numerous control flow integrity (CFI) solutions have been proposed both in software and hardware. Only hardware solution can withstand the most powerful attackers, but to be effective the hardware must be able to discriminate legal control flows from malicious ones . For effective hardware CFI, the control flow graph must be static. Therefore forward indirect jumps should be forbidden. Radically secure ISA May 30th, 2020 10 / 22

  11. Stricter control flows Removing forward indirect jumps Recommendation 6 Forbidding forward indirect jumps Remove the JALR instruction to forbid forward indirect jumps. A mech- anism is presented in the next section to reintroduce safer indirect jumps. Consequences Removing the JALR instructions has several consequences that must be mitigated. Dispatcher patterns become costly: we need to add a new DISPATCH instruction. It becomes impossible to transfer the control flow to a different program. It prevents to simply return from a procedure. There is no possibility to perform a direct long jump. Radically secure ISA May 30th, 2020 11 / 22

  12. Stricter control flows Returns Recommendation 7 Returns For efficient returns from procedures, add a new RETURN instruction. Semantically, the instruction should jump to the instruction following the last executed JAL whose bit 7 was set to 1. In other words, the CPU should implement a call stack. The JAL des- tination register becomes useless and its freed bits (all but the least significant, i.e. 4 bits) can be used to extend the jump reach. A call to JAL now pushes the return address to the call stack if bit 7 (the least significant bit of rd ) is 1. Executing RETURN pops the last address in the call stack and jumps to it. How to implement this call stack and how to mitigate the other consequences of removing the indirect jumps are in the paper. Radically secure ISA May 30th, 2020 12 / 22

  13. Hardware security contexts Table of contents Confidential registers 1 Stricter control flows 2 Hardware security contexts 3 Wrap-up 4 Radically secure ISA May 30th, 2020 13 / 22

  14. Hardware security contexts Split or flush Definition: security domain A security domain is the set of elements respecting the same security policy (isolation, confidentiality, integrity, etc.). Lesson from past attacks The big lesson of the various recent attacks is that it is not possible to share data from different security domains into the same micro-architectural resource. Either the resource must be flushed before accepting another input, or the resource must support being split into isolated sub-resources. The hardware has no support for security domains. The software cannot tell to the hardware where the domain boundaries are. Radically secure ISA May 30th, 2020 14 / 22

  15. Hardware security contexts Ensuring portability Recommendation 9 No micro-architecture management Forbid all micro-architecture management instructions, cache manage- ment in particular. Since each CPU has its own resources that may be split or must be flushed, adding instructions for the management of these elements creates a portability issue. Recommendation 10 Hardware security context (HSC) instructions Micro-architectural security guarantees must be provided through the HSC instructions described in this section. Instead, add instructions to delimit domains and let the hardware handle the consequences. Radically secure ISA May 30th, 2020 15 / 22

  16. Hardware security contexts HSC extension - single hart Single hart In a single hart system, there is always only one HSC at a time. HSC data structure Everything is store in dedicated registers called HSC configurations ( hscconf ) which have 3 fields: Key: a unique cryptographically secure random value that can be derived to identify the HSC. Entry point: the entry address for this HSC. Capabilities: registers to store what can be done by this HSC. Radically secure ISA May 30th, 2020 16 / 22

  17. Hardware security contexts Configuration handling Configuration addressing hscconf0 corresponds to the current HSC: its fields cannot be modified. Other configurations have dedicated registers hscconf1 , hscconf2 , . . . Accessing and modifying HSCREAD rd, hscconfs1, offset to read a value. HSCGENKEY hscconfd to generate a new key and set an HSC as new . HSCWENTRY hscconfd, rs1 to modify an entry-point of a new HSC. HSCWCAP hscconfd, rs1 to modify capabilities of a new HSC. Loading and storing HSCSTORE hscconfs1, offset(rs1) to store an HSC in memory. HSCLOAD hsccond, offset(rs1) to load an HSC from memory. Radically secure ISA May 30th, 2020 17 / 22

  18. Hardware security contexts Context switching Move HSCMV hscconfd, hscconfs1 to transfer all values from a configuration to another one. Switch Both HSCMV and HSCLOAD can overwrite hscconf0 and therefore trigger a context switch. Upon a switch, the microarchitecture can detect the security domain change with the key register and act accordingly: split or flush. The switch is also a forward indirect jump since the program counter is set to the new domain entry point: forward indirect jumps are only authorized when the security domain changes. Radically secure ISA May 30th, 2020 18 / 22

  19. Hardware security contexts Multiple harts Multiple harts sharing the same micro-architectural resources must be statically allocated to avoid port contention attacks in particular. No more always-on hart A hart must now be initiated as a fork of another one and it must be ended to definitively free the corresponding resources Hart start/stop HSCSTART rd, hscconfs1 is used to create a hart with context hscconf1 . rd is set to 0 if the static allocation was successful and the new hart started. HSCEND rd is used to end the current hart and possibly releasing all corresponding resources. The other alternative is to forbid resource sharing inside a core: all the harts of the same core must be in the same HSC. Radically secure ISA May 30th, 2020 19 / 22

  20. Wrap-up Table of contents Confidential registers 1 Stricter control flows 2 Hardware security contexts 3 Wrap-up 4 Radically secure ISA May 30th, 2020 20 / 22

  21. Wrap-up Wrap-up 1 We need a new class of CPUs, the secure one, 2 around a new ISA with modified semantics. 3 The new ISA must enable the software to communicate security properties to the hardware (confidentiality, HSCs, . . . ). 4 Indirect jumps imply to switch to a new security domain. 5 We can combine the ISA changes for new guarantees: e.g. automatic memory encryption. Radically secure ISA May 30th, 2020 21 / 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

y RO-DBT via telehealth p o A Radically Open Guide to Webcam-delivered Treatment c t o

y RO-DBT via telehealth p o A Radically Open Guide to Webcam-delivered Treatment c t o

25/09/2020 y RO-DBT via telehealth p o A Radically Open Guide to Webcam-delivered Treatment c t o Conflicts of interest: We dont receive any direct commercial support for our training companies Radically Open Ltd or Radically Open

546 views • 23 slides
Introducing a radically componentized GUI architecture Norman Feske <

Introducing a radically componentized GUI architecture Norman Feske <

Introducing a radically componentized GUI architecture Norman Feske < norman.feske@genode-labs.com > Outline 1. Starting point 2. Ingredients 3. Challenges and solutions 4. Next steps Introducing a radically componentized GUI

426 views • 38 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research & Boston University y Michael Schapira

701 views • 54 slides
Variation and creativity with radically afeatureal Roots Jeffrey Keith Parrott WORKSHOP At the

Variation and creativity with radically afeatureal Roots Jeffrey Keith Parrott WORKSHOP At the

Variation and creativity with radically afeatureal Roots Jeffrey Keith Parrott WORKSHOP At the Roots November 20, 2017, Masaryk University, Brno Jeffrey Keith Parrott, Variation and creativity with radically afeatural Roots ,

556 views • 41 slides
JBP V LIFT Radically New Approach for Anti Aging Treatment What is JBP V Lift ? PDO

JBP V LIFT Radically New Approach for Anti Aging Treatment What is JBP V Lift ? PDO

JBP V LIFT Radically New Approach for Anti Aging Treatment What is JBP V Lift ? PDO (Polydioxanone) Embedding therapy needle with absorbable suture (PDO) Injecting several dozen of needles on cheeks one by one. After pulling

859 views • 9 slides
FNFNES Recommendations Recommendations from the FNFNES are currently being finalized,

FNFNES Recommendations Recommendations from the FNFNES are currently being finalized,

FNFNES Recommendations Recommendations from the FNFNES are currently being finalized, subject to feedback received at this Forum. A number of recommendations are currently being considered. Recommendations (1/3) 1. The authors of

220 views • 5 slides
The EU Compacts Coralie Diebold, EEA/The Refugee Campaign Introduction Europe is radically

The EU Compacts Coralie Diebold, EEA/The Refugee Campaign Introduction Europe is radically

The EU Compacts Coralie Diebold, EEA/The Refugee Campaign Introduction Europe is radically changing its philosophy of dealing with migration and partnerships with other countries and that is dangerous for human rights, including freedom of

471 views • 10 slides
4/17/20 Design, Analysis, and Assessment of Learning Workgroup Recommendations Recommendations

4/17/20 Design, Analysis, and Assessment of Learning Workgroup Recommendations Recommendations

4/17/20 Design, Analysis, and Assessment of Learning Workgroup Recommendations Recommendations Submitted April 2020 1 DNA Workgroup Recommendations Goal Statement Main Recommendations Curriculum Development Recommendations

417 views • 5 slides
1 From Homogenous Monolith to Radically Heterogenous Micro-services* Architecture For you,

1 From Homogenous Monolith to Radically Heterogenous Micro-services* Architecture For you,

1 From Homogenous Monolith to Radically Heterogenous Micro-services* Architecture For you, @samnewman Conways Law HELLO WORLD!!!!!!!!!!!!!!!!! What is Wunderlist? Wunderlist is available on iPhone, iPad, Mac, Web, Android, Windows

1.03k views • 68 slides
A Radically Non-Morphemic Approach to Bidirectional Syncretisms Gereon Mller * Abstract This

A Radically Non-Morphemic Approach to Bidirectional Syncretisms Gereon Mller * Abstract This

A Radically Non-Morphemic Approach to Bidirectional Syncretisms Gereon Mller * Abstract This paper addresses the question of how certain kinds of overlap- ping syncretisms in inflectional paradigms can be accounted for that Baerman et al.

430 views • 30 slides
Embassies: Radically refactoring the web John R. Douceur Jon Howell Bryan Parno Microsoft

Embassies: Radically refactoring the web John R. Douceur Jon Howell Bryan Parno Microsoft

Embassies: Radically refactoring the web John R. Douceur Jon Howell Bryan Parno Microsoft Research promise of the web model the web is quite vulnerable Buffer overflows JavaScript API vulnerabilities XSS CSRF Session fixation

1.28k views • 50 slides
W H O A global creative family radically transforming brands and businesses in a digital-first

W H O A global creative family radically transforming brands and businesses in a digital-first

W H O A global creative family radically transforming brands and businesses in a digital-first world. W H A T S T R A T E G Y C O N T E N T Our core services span Social Strategy Content Creation Brand Strategy Photography four key

877 views • 31 slides
W H O A global creative family radically transforming brands and businesses in a digital-first

W H O A global creative family radically transforming brands and businesses in a digital-first

W H O A global creative family radically transforming brands and businesses in a digital-first world. W H A T S T R A T E G Y C O N T E N T Our core services span Social Strategy Content Creation Brand Strategy Photography four key

586 views • 33 slides
Tipping Point 2013: Radically rethinking our response to cats ___________________________________

Tipping Point 2013: Radically rethinking our response to cats ___________________________________

Making the Case for a Paradigm Shift in Community Cat Management June 27, 2013 ___________________________________ Tipping Point 2013: Radically rethinking our response to cats

688 views • 29 slides
Probabilistic Passphrase Cracking Luc Gommans Radically Open Security Contents 1. Introduction

Probabilistic Passphrase Cracking Luc Gommans Radically Open Security Contents 1. Introduction

Probabilistic Passphrase Cracking Luc Gommans Radically Open Security Contents 1. Introduction 2. Prior Work 3. Research Question 4. Methods 5. Results 6. Conclusions 7. Future work 2 What are passphrases? balsa chew pure swan I

488 views • 17 slides
Radically modular data ingestion APIs in Apache Beam Eugene Kirpichov

Radically modular data ingestion APIs in Apache Beam Eugene Kirpichov

Radically modular data ingestion APIs in Apache Beam Eugene Kirpichov <kirpichov@google.com> Staff Software Engineer Plan 01 Intro to Beam 04 Splittable DoFn Unified, portable data processing Missing piece for composable sources 02

576 views • 55 slides
Introduction to the MIPS ISA Overview Remember that the machine only understands very basic

Introduction to the MIPS ISA Overview Remember that the machine only understands very basic

Introduction to the MIPS ISA Overview Remember that the machine only understands very basic instructions (machine instructions) It is the compilers job to translate your high-level (e.g. C program) into machine instructions. In more

320 views • 9 slides
Instruction Set Architectures Part I: From C to MIPS Readings: 2.1- 2.14 1 Goals for this

Instruction Set Architectures Part I: From C to MIPS Readings: 2.1- 2.14 1 Goals for this

Instruction Set Architectures Part I: From C to MIPS Readings: 2.1- 2.14 1 Goals for this Class Understand how CPUs run programs How do we express the computation the CPU? How does the CPU execute it? How does the CPU

349 views • 19 slides
Opening Doors to Education (And Keeping Them Open) Where we thought we were

Opening Doors to Education (And Keeping Them Open) Where we thought we were

Opening Doors to Education (And Keeping Them Open) Where we thought we were Prior-Prior-Year (PPY) Earlier FAFSA Launch (October) The FAFSA now uses tax information from the tax year two year years prior to the financial aid year

377 views • 19 slides
Working With Consumers that have NOT Filed or Reconciled APTC from Prior Years: Overview of the

Working With Consumers that have NOT Filed or Reconciled APTC from Prior Years: Overview of the

Working With Consumers that have NOT Filed or Reconciled APTC from Prior Years: Overview of the FTR Recheck Process April 13, 2018 Disclaimer The information provided within these slides is not intended to take the place of the statutes,

492 views • 13 slides
Computer Architectures Changing Definition Appendix B 1950s to 1960s: Computer

Computer Architectures Changing Definition Appendix B 1950s to 1960s: Computer

Computer Architectures Changing Definition Appendix B 1950s to 1960s: Computer Architecture Course = Computer Arithmetic 1970s to mid 1980s: Instruction Set Principles Instruction Set Principles Computer Architecture Course =

357 views • 8 slides
Panfrost A reverse engineered FOSS driver for Mali Midgard and Bifrost GPUs Contributors

Panfrost A reverse engineered FOSS driver for Mali Midgard and Bifrost GPUs Contributors

Panfrost A reverse engineered FOSS driver for Mali Midgard and Bifrost GPUs Contributors Alyssa Rosenzweig Most of the Midgard RE/Driver development Connor Abbott Initial Midgard ISA RE Most of the Bifrost ISA RE Lyude

417 views • 20 slides
Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail

Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail

Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail in the instruction set wars? Describe a simple RISC ISA called DLX 2. Designing a simple DLX processor: Single Cycle Implementation Multiple

753 views • 11 slides
R I S C - V s u p p o r t i n O T A WA : V a l i d a t i o n o f t

R I S C - V s u p p o r t i n O T A WA : V a l i d a t i o n o f t

R I S C - V s u p p o r t i n O T A WA : V a l i d a t i o n o f t h e I S A d e s c r i p t i o n E m m a n u e l C a u s s , H u g u e s C a s s , P a s c a l

480 views • 24 slides

More recommend